package lumis.service.pagepersonalization.widgetmanipulationaction;

import lumis.portal.AccessDeniedException;
import lumis.portal.PortalException;
import lumis.portal.authentication.SessionConfig;
import lumis.portal.manager.ManagerFactory;
import lumis.portal.presentation.perspective.IPortalMode;
import lumis.portal.serviceinstance.ServiceInstanceConfig;
import lumis.portal.serviceinstance.acl.ServiceInstancePermissions;
import lumis.portal.transaction.ITransaction;
import lumis.portal.transaction.PortalTransactionFactory;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * An abstract implementation of {@link WidgetManipulationAction} that
 * implements a generic method for checking whether the required parameters are
 * present or not in the request and a method for obtain a parameter from
 * request.
 *
 * @version $Revision: 13246 $ $Date: 2011-07-14 17:08:26 -0300 (Thu, 14 Jul 2011) $
 * @since 6.0.0
 */
abstract class AbstractWidgetManipulationAction implements WidgetManipulationAction
{
	protected final String LUMIS_SERVICE_PAGEPERSONALIZATION_WIDGET_HOLDER_INTERFACE_ID = "lumis.service.pagepersonalization.widgetHolder";

	/**
	 * Checks if the current session has permission to manage the widgets holder.
	 * @param serviceInstanceId the holder's service instance identifier.
	 * @throws AccessDeniedException if the session does not has the permission.
	 * @since 6.0.0
	 */
	protected void checkManageHolderPermission(String serviceInstanceId) throws PortalException
	{
		checkPermission(serviceInstanceId, "manageHolderDefaultWidgets");
	}

	/**
	 * Checks if the current session has permission to personalize a widget 
	 * holder for itself.
	 * @param serviceInstanceId the holder's service instance identifier.
	 * @throws AccessDeniedException if the session does not has the permission.
	 * @since 6.0.0
	 */
	protected void checkPersonalizePagePermission(String serviceInstanceId) throws PortalException
	{
		checkPermission(serviceInstanceId, "personalizePage");
	}

	/**
	 * Checks if the current session has the specified permission.
	 * @param serviceInstanceId the service instance identifier.
	 * @param permissionId the permission identifier.
	 * @throws AccessDeniedException if the session does not has the specified permission.
	 * @since 6.0.0
	 */
	private void checkPermission(String serviceInstanceId, String permissionId) throws PortalException
	{
		ITransaction transaction = PortalTransactionFactory.getCurrentTransaction();
		ServiceInstanceConfig serviceInstanceConfig = ManagerFactory.getServiceInstanceManager().get(serviceInstanceId, transaction);
		SessionConfig sessionConfig = SessionConfig.getCurrentSessionConfig();
		ServiceInstancePermissions permissions = ManagerFactory.getServiceInstanceAclManager().getPermissions(sessionConfig, serviceInstanceConfig.getServiceId(), transaction);
		if (!ManagerFactory.getServiceInstanceAclManager().checkPermission(sessionConfig, serviceInstanceId, permissions.valueOf(permissionId), transaction))
			throw new AccessDeniedException();
	}
	
	/**
	 * Checks whether the required parameters are present or not in the request.
	 *
	 * @param request
	 *            the request.
	 * @param parameters
	 *            the required parameters.
	 * @return true if all required parameters are present in the request or
	 *         false otherwise.
	 * @since 6.0.0
	 */
	boolean checkRequiredParameters(HttpServletRequest request, String... parameters)
	{
		if(parameters != null && parameters.length > 0)
			for(String parameter : parameters)
				if (request.getParameter(parameter) == null || "".equals(request.getParameter(parameter)))
					return false;

		return true;
	}

	/**
	 * Gets a parameter with a given name from request.
	 *
	 * @param parameterName
	 *            the desired parameter's name
	 * @param request
	 *            the request.
	 * @return the value obtained from request.
	 * @since 6.0.0
	 */
	String getParameter(String parameterName, HttpServletRequest request)
	{
		return request.getParameter(parameterName);
	}

	public int doAction(HttpServletRequest request, IPortalMode portalMode, ITransaction transaction) throws PortalException
	{
		if (!checkRequiredParameters(request, getRequiredParameters()))
			return HttpServletResponse.SC_BAD_REQUEST;

		return processWidgetManipulation(request, portalMode, transaction);
	}

	/**
	 * Implementation is responsible for process the widget manipulation
	 * request.
	 * 
	 * @param request
	 *            the {@link HttpServletRequest request}.
	 * @param portalMode the current portal mode.
	 * @param transaction
	 *            the {@link ITransaction transaction} to use.
	 * @return an {@link HttpServletResponse#setStatus(int) HTTP status code}.
	 * @since 6.0.0
	 */
	abstract int processWidgetManipulation(HttpServletRequest request, IPortalMode portalMode, ITransaction transaction) throws PortalException;

	/**
	 * Implementations must return a list of required parameters.
	 *
	 * @return a list of required parameters.
	 * @since 6.0.0
	 */
	abstract String[] getRequiredParameters();
}
